Multiple authentication mechanisms for accessing service center supporting a variety of products

ABSTRACT

According to one embodiment, a login page is displayed on a mobile device for logging onto a support center. In response to selecting a first login option, the user is requested to speak a predetermined phrase to a microphone of the mobile device and a first voice stream is captured using a voice recorder of the mobile device. The first voice stream is transmitted to the support center for authentication based on the voice. In response to selecting a second login option, a password is obtained and is transmitted to the support center to for authentication based on the password. Upon having been successfully authenticated by the support center based on at least one of the first and second login options, a communication session is established with a support agent of the support center for support services of a product associated with the user.

RELATED APPLICATIONS

This application is a divisional of pending U.S. patent application Ser.No. 13/213,000, filed Aug. 18, 2011, which is incorporated by referenceherein in its entirety.

FIELD OF THE INVENTION

Embodiments of the present invention relate generally to providingproduct services. More particularly, embodiments of the invention relateto providing multiple authentication options for authenticating a userto access a service center.

BACKGROUND

Prior to the advent and prolific use of distributed network environmentssuch as the Internet, customer service sessions typically occurred overa teleconference between a customer service agent or service specialistand a customer. These teleconferences, which incidentally are still verypopular today, are initiated by a customer placing a phone call to acustomer service agent. The customer service agent's phone receives thecall through a public-switched telephone network (PTSN). Many supportcenters handle a large volume of inquiries, usually by phone, for sales,information, customer support and other services. Typical supportcenters provide the ability to route multiple incoming,customer-initiated calls to agents which provide sales, information, orsupport on behalf of an entity interested in establishing or maintaininga relationship with the customer.

Modern support center systems selectively route incoming calls based ona number of factors such as the number called or dialed, the originatingnumber, the queued sequence of the caller, the geographic location ofthe caller, accumulated caller history, and other relevant criteria.Once the system has evaluated the inbound caller's information, if any,the system searches for an available agent to service the call.Availability of agents may be dependent on any number of factors such asa skill level or a schedule of the agent. The number of agents withinthe contact center and available to the system may often be limited bythe physical space available for the agents to operate. Contact centershave to deal with a limited number of agents to handle a large number ofincoming customer calls.

As the Internet is getting more popular, customer service providers nowprovide for computer-based customer service interaction by way of theWorld Wide Web. Instead of initiating a customer service session byusing the phone, customers may access a website and engage in aweb-based customer service session to make inquiries (e.g., technicalsupport) and/or perform tasks (e.g., paying bills). Web-based customerservice sessions offer numerous advantages over teleconference-basedsessions. For example, the graphical user interface of web-basedcustomer service applications permit customers to view illustrations orwritten explanations and thus ameliorate the miscommunications which mayarise with oral conversations between a customer service agent and acustomer.

Further, web-based customer service sessions enable a customer todirectly target his/her needs on the website and thus reduce the timeexpended both in navigating through a series of vocal menu choicesinapplicable to the consumer's particular needs and in waiting to speakto a service agent. Significantly, web-based customer service sessionsare particularly cost-effective for the customer service provider giventhat fewer agents are required to communicate with customers. Indeed,customers are provided functionality for finding answers to theirquestions or performing tasks without any help from a live agent. Thesecustomer service sessions may be entirely computer-based or,alternatively, involve interaction with a customer service agent.

In addition, in order to access a support center, a user is required toenter certain credentials such as username and password to allow thesupport center authenticating the user. As mobile devices are gettingmore popular, such an authentication mechanism becomes inconvenient as amobile device may lack a user-friendly keyboard. There has been a lackof alternative authentication options available to a mobile device foraccessing a support center.

BRIEF DESCRIPTION OF THE DRAWINGS

Embodiments of the invention are illustrated by way of example and notlimitation in the figures of the accompanying drawings in which likereferences indicate similar elements.

FIG. 1 is a block diagram illustrating a system for providing life cycleservices to products according to one embodiment of the invention.

FIG. 2 is a block diagram illustrating an example of a service centeraccording to another embodiment of the invention.

FIG. 3 is a flow diagram illustrating an authentication method foraccessing a service center according to one embodiment of the invention.

FIG. 4 is a flow diagram illustrating an authentication method foraccessing a service center according to another embodiment of theinvention.

FIG. 5 is a flow diagram illustrating a method to authenticate a userfor accessing a service center according to one embodiment of theinvention.

FIGS. 6A-6F are screenshots illustrating examples of graphical userinterfaces (GUIs) for authenticating a user for accessing a servicecenter according to one embodiment of the invention.

FIGS. 7A-7D are screenshots illustrating examples of graphical userinterfaces (GUIs) for authenticating a user for accessing a servicecenter according to another embodiment of the invention.

DETAILED DESCRIPTION

Various embodiments and aspects of the inventions will be described withreference to details discussed below, and the accompanying drawings willillustrate the various embodiments. The following description anddrawings are illustrative of the invention and are not to be construedas limiting the invention. Numerous specific details are described toprovide a thorough understanding of various embodiments of the presentinvention. However, in certain instances, well-known or conventionaldetails are not described in order to provide a concise discussion ofembodiments of the present inventions.

Reference in the specification to “one embodiment” or “an embodiment”means that a particular feature, structure, or characteristic describedin conjunction with the embodiment can be included in at least oneembodiment of the invention. The appearances of the phrase “in oneembodiment” in various places in the specification do not necessarilyall refer to the same embodiment.

According to some embodiments, various login and authentication optionsare provided to a mobile device to allow a user to select one or more ofthe options to access a service center (e.g., a support center) thatprovides support services to a variety of products or services on behalfof a variety of product or service providers. The login/authenticationoptions include, but are not limited to, a traditional username andpassword login/authentication option, a voice login/authenticationoption, and an image login/authentication option. These options can beutilized individually or in combination dependent upon a particular userconfiguration or preference, which may be specified and stored in a userprofile maintained by the service center. One login/authenticationoption can be utilized in addition to another login/authenticationoption or alternatively, one login/authentication option can be utilizedas a backup option when another login/authentication option fails.

In one embodiment, in response to a user selection of a voice loginoption, the mobile device presents predefined one or more terms,phrases, or sentences and requests the user to speak the presentedcontent to a microphone of the mobile device. A voice recorder of themobile device is configured to capture a voice stream representing theone or more phrases spoken in real time by the user. The mobile devicethen transmits the captured voice stream to the service center over anetwork. In response, a security system of the service center isconfigured to authenticate the user by matching the received voicestream against another voice stream that has been previously registeredand stored in a database associated with the user of the service center.

Similarly, a user can also initiate an image or video login option fromits mobile device. According to one embodiment, in response to a userselection of an image login option, the mobile device requests the userto capture one or more images of the user at the point in time using acamera of the mobile device. The mobile device then transmits thecaptured image(s) to the service center over a network. In response, asecurity system of the service center is configured to authenticate theuser by matching the received image(s) against other image(s) that havebeen previously registered and stored in a database associated with theuser of the service center.

According to one embodiment, the voice login option and the image/videologin option may be required independently or in combination dependentupon specific situations, which may be configurable by the user andstored in a user profile of the service center. For example, a voice orimage authentication may be required in addition to the traditionalpassword authentication. Any of the voice, image, and passwordauthentications may be selected as a default or primary authenticationmechanism. If the default authentication fails, another authenticationmay be utilized as a backup login option.

Once the service center has successfully authenticated the user, theuser can obtain support services or access resources available from theservice center regarding one or more products or services that have beenregistered by the user. For example, a user can initiate from its mobiledevice and the service center can arrange a service specialist byestablishing a communications session between the user and the servicespecialist using a communications channel that is preferred by the userand available to the service specialist. A user can also sell or disposea registered product via the service center. A user can also access anonline discussion forum associated with a registered product via theservice center. A user can also receive certain advertisements (e.g.,promotions or discount coupons) related to a registered product via theservice center.

FIG. 1 is a block diagram illustrating a system for providing life cycleservices to products according to one embodiment of the invention.Referring to FIG. 1, system 100 includes a mobile device 101 of a user,customer, or individual communicatively coupled to service center 102over a network. The network may be any kind of networks. Mobile device101 may be any kind of mobile devices including, but is not limited to,a laptop, mobile phone, tablet, media player, personal digital assistantor PDA, etc.

Service center 102 may be implemented in a centralized facility orserver. Alternatively, service center 102 may be implemented in multiplefacilities or servers in a distributed manner (e.g., cloud-based serviceplatforms). Service center 102 provides services to a variety ofproducts or services from a variety of clients or vendors. A client maybe a manufacturer, a distributor, a retailer, a service provider orbroker, a purchasing facility (e.g., Amazon™, Expedia™, or ISIS™), or acombination thereof. In one embodiment, service center 102 includesservice APIs 104 to communicate with other systems such as mobile device101, client's site 117, social communities 116, contact center 114including agents or experts 115, client backend systems 118,manufacturer backend systems 119, eCommerce sites 120 and otherauxiliary systems (e.g., billing system). Service center 102 can handleservice requests from customers of multiple clients. For example, aservice center may handle customer service requests for a number ofretail sales companies, sales calls for catalog sales companies, andpatient follow-up contacts for health care providers. In such astructure, the service center may receive service requests directly fromthe customers or through client support management systems.

In one embodiment, service center 102 further includes community servicesystem 105, support services system 106, post market service system 107,messaging system 108, and data warehouse 109. Support services system106 is responsible for handling support services requests from theusers, including identifying and registering a product, creating aninstance case context, selecting and assigning a customer representative(also referred to herein as an agent, specialist, or expert) to providesupport services to the users, and managing work flows, etc. An agentmay be selected based on a skill set or expertise of the agent, as wellas other factors such as geographic location, of the agent. The term“agent,” “specialist,” or “expert” refers to a service center personnelor a computerized application, in some cases, that respond to customerrequests. An agent may be locally situated at the service center orremotely situated over a network. Throughout this application, the termsof “agent,” “specialist,” and “expert” are interchangeable termsdependent upon the circumstances. In most cases, the term of “agent”collectively refers to a customer representative, a support agent, asupport specialist, a support expert, or a combination thereof, whichmay be a service center personnel and/or a computerized application.Further detailed information concerning service center 102 and/orsupport service system 106 can be found in co-pending U.S. patentapplication Ser. No. 13/085,397, filed Apr. 12, 2011, which isincorporated by reference in its entirety.

In one embodiment, community service system 105 is responsible forcommunicating with social communities 116 via an API, for example, topost a message received from a user and to route the responses receivedfrom social communities 116 back to the user. Post market service system107 is responsible for handling post market activities associated withthe registered products, including selling a registered product oneCommerce sites 120 and arranging a disposal facility to dispose orrecycle the product, etc.

According to one embodiment, in addition to registering a product withthe service center, a user can also register, for example, through theapplication running within a mobile device, one or more socialcommunities and/or one or more eCommerce sites by storing the necessarycredentials (e.g., usernames and passwords) of the servers hosting thesocial communities and eCommerce sites in a database (e.g., userdatabase) of the service center, where the database is associated with auser the mobile device. Subsequently, the user can transmit a salesrequest to sell or dispose a registered product by specifying one ormore of the eCommerce sites.

In response to the sales request, post market service system 107 ofservice center 102 is configured to retrieve the necessary credentialsfor the specified one or more eCommerce sites and arrange the specifiedeCommerce sites for selling the product together with the associatedcredentials to allow the eCommerce sites to authenticate the user forthe purpose of selling the product, such that the user does not have toprovide the necessary credentials at the point in time of the salesrequest and the user does not have to provide detailed information ofthe product to be posted on the eCommerce sites describing the productto be sold. A single sales request received from the mobile device canspecify multiple eCommerce sites. The service center can also arrange adisposal facility to dispose (e.g., recycle) a registered productwithout having a user to specifically contact the disposal facility.

Similarly, a user can also post a message to one or more of theregistered social communities from the application running within themobile device without having to individually access the socialcommunities. In one embodiment, a user can transmit a request frommobile device 101 to service center 102, where the request includes amessage to be posted and one or more community identifiers identifyingone or more registered social communities. In response, communityservice system 105 of service center 102 is configured to retrieve theassociated credentials from the database and to post the message to thespecified social communities together with the associated credentialsallowing the social communities to authenticate the user, without havingto prompt the user for their same credentials each time. Furtherdetailed information concerning community service system 105 and/or postmarket service system 107 can be found in U.S. patent application Ser.No. 13/185,213, filed Jul. 18, 2011, now U.S. Pat. No. 8,478,652, issuedJul. 2, 2013, which is incorporated by reference herein in its entirety.

In one embodiment, messaging or advertisement system 108 is responsiblefor handling any messages received from a variety of partners orparties, such as client sites 117, client backend systems 118,manufacturer backend systems 119, and eCommerce sites 120. Messages maybe related to the registered products of the user, such as, promotions,rewards, and recall messages. Messages may include advertisements from avariety of advertisement providers.

In one embodiment, a user can configure a set of one or more rules tospecify whether certain types of messages or advertisements receivedfrom vendors or parties (e.g., retailers, manufacturers, socialcommunities, or other advertisement providers), which may or may not berelated to a registered product, should be routed to the user. Theserules serve as part of message delivery or filtering rules. The servicecenter engages with the related parties to allow the related parties toget in touch with the user by sending certain messages such as productpromotions, rewards, and/or recalls, etc. to the user. The servicecenter may send a message to a user via one or more communicationschannels preferred by the user, which may also be configured as a set ofrules and stored in a database associated with the user.

According to another embodiment, an advertisement received from a vendoris delivered by the service center to a mobile device of a user based ona set of delivery rules associated with the user. The advertisement isdisplayed on a display of the mobile device by an application runningtherein. In addition, the service center and/or the application areconfigured to track interactions of the user with respect to thedisplayed advertisement to determine user behaviors, patterns, or trendsin view of the displayed advertisement. An analysis is performed on theuser interaction and the result of the analysis may be utilized toconfigure further advertisement delivery by the service center and/orthe vendors.

According to another embodiment, service center 102 is configured toidentify users that have at least one common product registered with theservice center and are also members of a social community. The servicecenter is configured to send a message to those users to invite them toconnect (e.g., becoming friends or following a friend) with each othervia the social community. The social community is hosted by a thirdparty and communicatively coupled to the service center over a network.The service center may also deliver messages or items posted by one ofthose users to another one of those users on behalf of the socialcommunity, without requiring such users to individually or directlyaccessing the social community. The service center can also delivermessages or items to a particular user posted by other users of thesocial community, where the messages or items are related to aregistered product of that particular user.

According to a further embodiment, an application running on a mobiledevice provides a user friendly graphical user interface (GUI) to allowa user to configure a set of one or more delivery rules concerningwhether certain types of messages or advertisements should be receivedat the mobile device from a service center. The service center isconfigured to deliver messages or advertisements on behalf of a messageor advertisement provider, which can be a client to the service center,a retailer, a manufacturer, a social community, or other contentproviders. A user can utilize the GUI to configure, for each of theproviders, whether a message associated with a particular registeredproduct of the user or all products in general related to the providershould be received by the mobile device. The settings of the deliveryrules are then transmitted from the mobile device to the service centerto allow the service center to delivery subsequent messages oradvertisements on behalf of the message or advertisement providersaccordingly. Further detailed information concerning advertisementsystem 108 can be found in co-pending U.S. patent application Ser. No.13/185,309, filed Jul. 18, 2011, which is incorporated by referenceherein in its entirety.

In one embodiment, data warehouse 109 includes product database 110,client database 111, user database 112, and knowledgebase 113. Productdatabase 110 is configured to store any data related to the registeredproducts including user manuals, etc. Client database 110 is configuredto store information related to clients such as client's preferredcommunications mechanisms. User database 112 is used to storeinformation related users, such as, for example, registered productsassociated with a user, communications channel preference of a user,credentials necessary for a user to access other sites, and/or messagingfiltering settings of a user, etc. Knowledgebase 113 is used to storeknowledge collected and compiled over a period of time, which can beused by agents 115 and/or users for self-support purposes.

In one embodiment, service center 102 further includes a multi-channelcommunication system (not shown) to provide one or more communicationchannels to any user or client to concurrently access service center102. Examples of communication channels include email, chat, texting(e.g., short messaging services or SMS), voice (e.g., automated IVR,real-time, or VoIP), video, Web (e.g., Web conferencing), and/or onlinecommunity forum (e.g., Facebook™ or Twitter™), etc. Note that themulti-channel communication system may be fully or partially integratedwith service center 102 or alternatively, it may be maintained orprovided by a third party or partner (e.g., communicatively coupled viaservice API 104 over a network). Service center 102 further includes anautomatic caller distribution (ACD) system (not shown) to receive,route, and manage voice calls exchanged via the multi-channelcommunication system.

A customer can obtain support services from service center 102 via avariety of communication mechanisms. A customer can initiate a supportrequest to contact a live agent such as agents 115 in a live manner.Alternatively, a customer may browse certain knowledgebase, such as KB113 via a Web interface, in an attempt to find a solution to a problemof a product he/she purchased from a manufacturer via a client ofservice center 102.

According to one embodiment, service center 102 further includes asecurity system 125 to authenticate a user of mobile device 101 in orderto allow the user accessing services provided by any of systems 105-108.Security system 125 is configured to provide multiple login andauthentication options to a mobile device to allow a user to select oneor more of the options to access service center 102. Thelogin/authentication options include, but are not limited to, atraditional username and password login/authentication option, a voicelogin/authentication option, and an image login/authentication option.These options can be utilized individually or in combination dependentupon a particular user configuration or preference, which may bespecified and stored in a user profile maintained by service center 102,as part of user database 112. One login/authentication option can beutilized in addition to another login/authentication option oralternatively, one login/authentication option can be utilized as abackup option when another login/authentication option fails.

In one embodiment, in response to a user selection of a voice loginoption, security system 125 causes mobile device 101 to presentpredefined one or more phrases and to request the user to speak thepresented content to a microphone of the mobile device. A voice recorderof mobile device 101 is configured to capture a voice streamrepresenting the one or more phrases spoken in real time by the user.Mobile device 101 then transmits the captured voice stream to servicecenter 102 over a network. In response, security system 125 isconfigured to authenticate the user by matching the received voicestream against another voice stream that has been previously registeredand stored in a database associated with the user of the service center.

Similarly, a user can also initiate an image or video login option fromits mobile device. According to one embodiment, in response to a userselection of an image login option, mobile device 101 requests the userto capture one or more images of the user at the point in time using acamera of mobile device 101. Mobile device 101 then transmits thecaptured image(s) to service center 102 over a network. In response,security system 125 of service center 102 is configured to authenticatethe user by matching the received image(s) against other image(s) thathave been previously registered and stored in a database associated withthe user of the service center. The previously recorded voice and/orimage references may be stored, for example, by a registration system(not shown), in a user account as part of user database 112. Once theservice center has successfully authenticated the user, the user canobtain support services or access resources available from the servicecenter as described above regarding one or more products or servicesthat have been registered by the user.

According to one embodiment, application 103 is installed on mobiledevice 101 of a customer or user, where application 103 can serve as acentral service point to service center 102 that provides supportservices to a variety of products or services provided by a variety ofvendors. The vendors can be, for example, manufacturers, distributors,retailers, service brokers, purchasing houses, etc. of the products.Vendors may be the clients of service center 102 or entities having abusiness relationship with service center 102. A user (also referred toherein as a customer) can activate application 103 from the user'smobile device 101 to reach agents 105 the service center 102 or KB datacenter 114 via a variety of communication channels or media, such as,for example, email, chat, voice (including automated interactive voicerecognition or IVR, voice over Internet protocol or VoIP), video, Web,and/or online community-based forum, etc. Application 103 can be athin/thick client application or a Web-based application.

Note that a service center described throughout this application is notlimited to a traditional service center or support center, nor is itimplemented in a single physical location. A service center describedherein represents a collection of service logic or providerscommunicatively coupled to each other over a network in a distributed ora cloud-based fashion. The term of a service center herein representsany kind of service providers that provide a variety of services tocustomers or users. As described throughout this application, a servicecenter can be a set of enabling cloud-based service APIs, which enable avariety of consumer product services and support offerings via anintelligent set of technologies providing automated and/or livecommunications. In one embodiment, services provided by a service centercan include, but not limited to: 1) user, product, and loyaltyregistration and support services; 2) product wish list, reviews, andcomparisons; 3) purchasing and accessorizing services; 4) socialcommunity support and integration services; 5) intelligent knowledgesupport services; and 6) integrated sales and product dispositionservices, etc.

Also note that an agent, an expert, or a customer representativedescribed throughout this application is not limited to a real person.The term of an agent, an expert, or a customer representative can alsorefer to any processing logic or functional block that is configured orprogrammed to provide automated services to a customer, for example, viaservices APIs of the service center, without a need of a real personinvolved. Such processing logic and/or functional blocks can beimplemented in software, hardware, or a combination thereof.

FIG. 2 is a block diagram illustrating a security of a service centeraccording to one embodiment of the invention. System 200 may beimplemented as part of system 100 of FIG. 1. Referring to FIG. 2,service center 102 includes API 104 to allow a client such as mobiledevice 101 to access service center 102, security system 125 toauthenticate a user of mobile device 101, registration system 210 toregister credentials for authentication, and user database 112 to storethe authentication credentials. In one embodiment, security system 125includes authentication module 202, voice processing module 203, andimage processing module 204. Authentication module 202 can authenticatea user of mobile device 101 using various authentication methods, suchas, for example, traditional password authentication, voiceauthentication, image or video authentication, or a combination thereof.

In one embodiment, in response to a user selection of a voice loginoption, mobile device 101 presents predefined one or more terms,phrases, or sentences and requests the user to speak the presentedcontent to a microphone of mobile device 101. Voice recorder 208 ofmobile device 101 is configured to capture a voice stream representingthe one or more phrases spoken in real time by the user. Mobile device101 then transmits the captured voice stream to service center 102 overa network. In response, authentication module 202 of security system 125is configured to authenticate the user by matching the received voicestream against one of voice references 205 that have been previouslyregistered by registration system 210 and stored in user database 112associated with the user.

In one embodiment, authentication module 202 may invoke voice processingmodule 203 to process the received voice stream in view of voicereferences 205. Voice processing module 203 may be implemented as a partof a voice recognition system, which may be maintained by service center102 or alternatively by a third party voice recognition system that isaccessible (e.g., over a network) via an API. Voice references 205 mayinclude multiple voice streams, each of which may be registered andtrained previously by registration system 210. For example, during theregistration, a user may be prompted by registration system 210 viaapplication 103 to repeatedly speak to a microphone of mobile device 101a predetermined phrase in real time. The predetermined phrase may bemaintained by application 103 or retrieved from user database 112 ofservice center 102. Registration system 210 may invoke voice processingmodule 203 to process the captured phrases, and to train and capturevoice characteristics of the user that can uniquely identify the user.The final voice reference is then stored in database 112 as part ofvoice references 205. Multiple voice references may be utilized duringthe training, any one or more of which can be used to authenticate theuser dependent upon user configuration, which may be stored as part ofauthentication preferences 208. For example, if authentication modulefails to authenticate the user based on a first voice reference, it mayattempt to authenticate the user based on a second voice reference, orup to a predetermined number of voice references before declaring thatthe user cannot be authenticated.

Similarly, a user can also initiate an image or video login option fromits mobile device 101. According to one embodiment, in response to auser selection of an image login option, mobile device 101 requests theuser to capture one or more images or a video stream of the user at thepoint in time using camera 209 of mobile device 101. Mobile device 101then transmits the captured image(s) or video stream to security system125 of service center 102 over a network. In response, security system125 is configured to authenticate the user by matching the receivedimage(s) or video stream against image or video references that havebeen previously registered by registration system 210 and stored as partof image references 206 in database 112. Similarly, multiple imagereferences can be utilized to authenticate a user.

According to one embodiment, the voice login option and the image/videologin option may be required independently or in combination dependentupon specific situations, which may be configurable by the user andstored as part authentication preferences 208. For example, a voice orimage authentication may be required in addition to the traditionalpassword authentication, dependent upon the security level required. Anyof the voice, image, and password authentications may be selected as adefault or primary authentication mechanism. If the defaultauthentication fails, another authentication mechanism may be utilizedas a backup login option.

Once the service center has successfully authenticated the user, theuser can obtain support services or access resources available from theservice center regarding one or more products or services that have beenregistered by the user. For example, a user can initiate from its mobiledevice and the service center can arrange a service specialist byestablishing a communications session between the user and the servicespecialist using a communications channel that is preferred by the userand available to the service specialist. A user can also sell or disposea registered product via the service center. A user can also access anonline discussion forum associated with a registered product via theservice center. A user can also receive certain advertisements (e.g.,promotions or discount coupons) related to a registered product via theservice center. A registered product or service may be registered byscanning a machine-readable code (e.g., barcode, UPC, or serial number)of the product or service using a scanner or camera of the mobile devicewithout requiring the user to provide detailed information of theproduct or service. Based on the scanned machine-readable code,registration system 210 can communicate with the necessary or relatedparties (e.g., systems 116-120 of FIG. 1) to compile the detailedinformation, as described in the above incorporated-by-referenceapplications.

FIG. 3 is a flow diagram illustrating an authentication method foraccessing a service center according to one embodiment of the invention.For example, method 300 may be performed by service center 102 in FIGS.1-2. Referring to FIG. 3, at block 301, first media data is received ata security system of a service center. The first media data representsat least one of voice and image of a user. The first media data wascaptured and received from a mobile device of the user over a network,for example, using a voice recorder and/or camera of a mobile device. Inresponse to the first media data, at block 302, an authentication moduleis configured to authenticate the user based on the first media data.The authentication module may invoke a voice processing module and/or animage/video processing module to process the first media data bymatching the first media data against second media data that has beenpreviously registered with the service center. The second media datarepresents at least one of voice and image references and may beregistered and trained using the techniques described above. Upon havingsuccessfully authenticated the user based on the first media data, atblock 303, the service center is configured to provide support services,as described in the above incorporated-by-reference applications, forone or more registered products or services that have been registeredwith the service center on behalf of the corresponding product orservice providers.

FIG. 4 is a flow diagram illustrating an authentication method foraccessing a service center according to another embodiment of theinvention. For example, method 400 may be performed by service center102 in FIGS. 1-2. Referring to FIG. 4, at block 401, first media data isreceived at a security system of a service center. The first media datarepresents at least one of voice and image of a user. The first mediadata was captured and received from a mobile device of the user over anetwork, for example, using a voice recorder and/or camera of the mobiledevice. In response to the first media data, at block 402, anauthentication module is configured to authenticate the user based onthe first media data. The authentication module may invoke a voiceprocessing module and/or an image/video processing module to process thefirst media data by matching the first media data against second mediadata that has been previously registered with the service center. Thesecond media data may be registered and trained using the techniquesdescribed above. At block 403, it is determined whether theauthentication based on the first media data is successful. If so, atblock 405, the service center is configured to provide support services,as described in the above incorporated-by-reference applications, forone or more registered products or services that have been registeredwith the service center on behalf of the corresponding product orservice providers. If the authentication based on the first media datais not successful, at block 404, another authentication method such astraditional password authentication method is performed as analternative authentication mechanism.

As described above, a user can configure, as a part of a user profile orauthentication preferences, any one or more of the configuredauthentication methods can be used to authenticate a user.Alternatively, a particular authentication method (e.g., voice, image,or password) can be designated as a default or primary authenticationmethod or alternatively, it can be configured as a secondary or backupauthentication method. Furthermore, a particular authentication methodcan also be configured as an addition authentication method, in additionto a default or primary authentication dependent upon the securityrequirement. For example, according to one configuration, a user canselect any one of voice, image, and password authentication methods toallow a service center to authenticate the user. Alternatively,according to another configuration, if a voice or image authenticationfails, a traditional password authentication may be performed, or viceversa. According to a further configuration, if a default authenticationsuch as voice or image authentication is successful, a traditionalpassword authentication may further be required, or vice versa, forextra security consideration, etc. Other configurations may also beapplied herein.

FIG. 5 is a flow diagram illustrating a method to authenticate a userfor accessing a service center according to one embodiment of theinvention. For example, method 500 may be performed by mobile device 101of FIGS. 1-2. Referring to FIG. 5, at block 501, processing logicdisplays a login page on a display of a mobile device for logging onto aservice center over a network. The service center provides supportservices for a variety of products or services on behalf of a variety ofproduct or service providers. At block 502, processing logic displays onthe login page multiple authentication options for authenticating a userof the mobile device, including at least two of voice, image/video, andpassword authentication options. In response to a user selection of avoice authentication method, at block 503, processing logic instructsthe user to speak a predetermined phrase to a microphone of the mobiledevice. Processing logic is configured to capture, via a voice recorderof the mobile device, a voice stream in real time and to transmit thecaptured voice stream to the service center over a network to enable theservice center to authenticate the user based on the voice stream.

In response to a user selection of an image/video authentication method,at block 504, processing logic instructs the user to capture an image orvideo stream of the user at the point in time using a camera of themobile device. Processing logic is configured to capture, via the cameraof the mobile device, an image or video stream in real time and totransmit the captured image or video stream to the service center over anetwork to enable the service center to authenticate the user based onthe image or video stream. In response to a user selection of a passwordauthentication method, at block 505, processing logic prompts the userto enter a password in an input field displayed on the login page andtransmits the password to the service center to allow the service centerto authenticate the user based on the password.

Note that as described above, the voice, image/video, and passwordauthentication methods may be presented and performed individually or incombination. Operations involved in blocks 503-505 may be performedindependently or in sequence, dependent upon the specific configuration(e.g., authentication preferences) of the user. Similarly, the voice,image/video, and password login options may be presented on the loginpage individually or in combination dependent upon the authenticationpreferences of the user. For example, it is assumed that a user hasconfigured his/her authentication preferences to have a voice login as aprimary authentication method and a password authentication as asecondary authentication. In this example, the login page may onlydisplay a voice login option and only if the voice authentication fails,the login page then prompts the user for password. Similarly, if theuser has configured requiring both image and password authenticationmethods, where the image authentication method is a default one, thelogin page may display only the image login option first and only if theimage authentication is successful, the login page then displays thepassword login option requesting the user to enter the password. Otherconfigurations may exist.

FIGS. 6A-6F are screenshots illustrating examples of graphical userinterfaces (GUIs) for authenticating a user for accessing a servicecenter according to one embodiment of the invention. For example, theGUIs as shown in FIGS. 6A-6F may be presented by application 103 ofmobile device 101. Referring to FIG. 6A, when a user launchesapplication 103 from its mobile device and attempts to log into servicecenter 102 over a network, login page 600 is presented by theapplication. As described above, embodiments of the invention provide avariety of login options to allow a user to log into the service centerusing one or more of the login options, dependent upon the specificconfiguration of the authentication preferences. In this example, loginpage 600 includes three login options: 1) traditional password loginoption 601; 2) voice login option 602; and 3) image login option.

Again, the login options are presented on login page 600 dependent uponthe specific configuration of the authentication settings, which may bestored as a part of authentication preferences or user profile. In thisexample, it is assumed that a user has configured to have all threeoptions available and enabled, such that the user can utilize any one ofthe login options 601-603. In another example, the user may haveconfigured to have only one or two of the login options 601-603 that areavailable for login. In such a situation, only the preferred oravailable login options are presented on login page 600. In a furtherexample, a user may have designated a primary or default login optionand a secondary or backup login option, where the secondary login optionis utilized only when the primary login option fails to authenticate theuser. In such a situation, only the primary login option is initiallydisplayed on login page 600, where the secondary login option isdisplayed on login page 600 only when the primary login fails.Similarly, a user may have designated a primary or default login optionand one or more secondary login options, where the secondary loginoption is utilized only when the primary login option successfullyauthenticates the user. In such a situation, only the primary loginoption is initially displayed on login page 600, where a secondary loginoption is displayed on login page 600 only when the primary loginsuccessfully authenticates the user.

Referring back to FIG. 6A, according to one embodiment, a user canselect any one of login options 601-603 for logging onto the servicecenter. If the user selects traditional password login option 601, theuser can enter the necessary user identification (e.g., email address)in input field 604 and the password in input field 605. Once the useractivates or clicks login button 606, the username and password aretransmitted by the application to the service center over a network toallow the service center to authenticate the user based on the usernameand password. Alternatively, the user can select voice login or imagelogin option by activating buttons 602 and 603, respectively.

According to one embodiment, when the user selects voice login option602, a voice login page 610 is displayed as shown in FIG. 6B. Referringnow to FIG. 6B, voice login page 610 includes information requesting theuser to capture predetermined phrase 612 by activating button 611. Thepredetermined phrase 612 may be maintained by the underlying applicationor by the service center. In addition, voice login page 610 displays avolume indicator 613 indicating the current volume spoken by the user,which may be monitored by the underlying application. In this way, theuser can adjust his/her volume to ensure that a reasonably good qualityof a voice stream is captured for authentication purpose.

Once the user activates button 611, voice login page 611 displaysinformation indicating that the voice of the user is being recorded asshown in FIG. 6C. In addition, volume indicator 613 may display in realtime the current volume spoken by the user. At this point, the user canclick button 611 again to stop the recording. Once the recording hasbeen completed, the captured voice stream is transmitted to the servicecenter and the voice login page displays information indicating that theuser is being authenticated based on the voice as shown in FIG. 6D. Oncethe user has been successfully authenticated based on the voice as shownin FIG. 6E, the user can access resources of the service centerincluding obtaining support services from the service center concerningone or more products or services that have been previously registeredwith the service center by the user. If the voice authentication fails,a failure message is displayed to allow the user to try another attempt,for example, using a different phrase as shown in FIG. 6F.

FIGS. 7A-7D are screenshots illustrating examples of graphical userinterfaces (GUIs) for authenticating a user for accessing a servicecenter according to another embodiment of the invention. For example,GUI pages as shown in FIGS. 7A-7D may be presented in response to anactivation of button 603 of FIG. 6A for image login. In one embodiment,in response to a request for image login, image login page 700 ispresented on a display of a mobile device. Image login page 700 includesbutton 701 to allow a user to start image login process by capturing animage of the user in real time as shown in FIG. 7B. The captured imageis also displayed on display area 702 of image login page 700. Once theimage has been captured, certain characteristics of the image may bedetermined and transmitted to the service center for authentication. Inone embodiment, a facial recognition process is performed on thecaptured image as shown in FIG. 7C. Alternatively, at least a portion ofthe image is transmitted to the service center, where a facialrecognition is performed at the service center. Once the service centerhas authenticated the user based on the image, the image login page 700displays either successful or failure status of the authentication asshown in FIG. 7D.

Some portions of the preceding detailed descriptions have been presentedin terms of algorithms and symbolic representations of operations ondata bits within a computer memory. These algorithmic descriptions andrepresentations are the ways used by those skilled in the dataprocessing arts to most effectively convey the substance of their workto others skilled in the art. An algorithm is here, and generally,conceived to be a self-consistent sequence of operations leading to adesired result. The operations are those requiring physicalmanipulations of physical quantities.

It should be borne in mind, however, that all of these and similar termsare to be associated with the appropriate physical quantities and aremerely convenient labels applied to these quantities. Unlessspecifically stated otherwise as apparent from the above discussion, itis appreciated that throughout the description, discussions utilizingterms such as those set forth in the claims below, refer to the actionand processes of a computer system, or similar electronic computingdevice, that manipulates and transforms data represented as physical(electronic) quantities within the computer system's registers andmemories into other data similarly represented as physical quantitieswithin the computer system memories or registers or other suchinformation storage, transmission or display devices.

Embodiments of the invention also relate to an apparatus for performingthe operations herein. Such a computer program is stored in anon-transitory computer readable medium. A machine-readable mediumincludes any mechanism for storing information in a form readable by amachine (e.g., a computer). For example, a machine-readable (e.g.,computer-readable) medium includes a machine (e.g., a computer) readablestorage medium (e.g., read only memory (“ROM”), random access memory(“RAM”), magnetic disk storage media, optical storage media, flashmemory devices).

The processes or methods depicted in the preceding figures may beperformed by processing logic that comprises hardware (e.g. circuitry,dedicated logic, etc.), software (e.g., embodied on a non-transitorycomputer readable medium), or a combination of both. Although theprocesses or methods are described above in terms of some sequentialoperations, it should be appreciated that some of the operationsdescribed may be performed in a different order. Moreover, someoperations may be performed in parallel rather than sequentially.

Embodiments of the present invention are not described with reference toany particular programming language. It will be appreciated that avariety of programming languages may be used to implement the teachingsof embodiments of the invention as described herein.

In the foregoing specification, embodiments of the invention have beendescribed with reference to specific exemplary embodiments thereof. Itwill be evident that various modifications may be made thereto withoutdeparting from the broader spirit and scope of the invention as setforth in the following claims. The specification and drawings are,accordingly, to be regarded in an illustrative sense rather than arestrictive sense.

What is claimed is:
 1. A computer-implemented method for providingsupport services to users of products, the method comprising: displayinga login page on a display by a mobile application of a mobile device forlogging onto a support center over a network, the support centerproviding support services for a plurality of products on behalf of aplurality of vendors, wherein the login page includes a first loginoption and a second login option; in response to a user selection of thefirst login option, requesting the user to speak a predetermined phraseto a microphone of the mobile device, capturing a first voice streamusing a voice recorder of the mobile device, the first voice streamrepresenting the predetermined phrase spoken by the user, andtransmitting the first voice stream to the support center, wherein thesupport center is configured to authenticate the user by matching thefirst voice stream against a second voice stream previously registeredwith the support center; in response to a user selection of the secondlogin option, prompting the user for entering a password from the loginpage, and transmitting the password to the support center to allow thesupport center authenticate the user based on the password; and uponhaving been successfully authenticated by the support center based on atleast one of the first and second login options, establishing acommunication session with a support agent of the support center forsupport services of a product associated with the user, wherein thesupport center provides support services for a plurality of products onbehalf of a plurality of product providers.
 2. The method of claim 1,further comprising: displaying a third login option on the login page ofthe mobile device; and in response to a user selection of the thirdlogin option, requesting the user to face a camera of the mobile,capturing a first image of the user using the camera of the mobiledevice, and transmitting the first image to the support center, whereinthe support center is configured to authenticate the user by matchingthe first image against a second image previously registered with thesupport center.
 3. The method of claim 1, further comprising: displayinga fourth login option on the login page of the mobile device; and inresponse to a user selection of the fourth login option, requesting theuser to face a camera of the mobile, capturing a first video stream ofthe user using the camera of the mobile device, and transmitting thefirst video stream to the support center, wherein the support center isconfigured to authenticate the user by matching the first video streamagainst a second video stream previously registered with the supportcenter.
 4. The method of claim 1, wherein requesting the user to speak apredetermined phrase to a microphone of the mobile device comprisesdisplaying the predetermined phrase on the mobile device, such that theuser can read the predetermined phrase displayed on the mobile devicewhile speaking the predetermined phrase to the microphone.
 5. The methodof claim 4, wherein the predetermined phrase is a first of a pluralityof predetermined phrases that have been registered with the supportcenter previously by the user, and wherein each of the plurality ofpredetermined phrases is associated with a voice stream referenceprovided by the user during a registration of the predetermined phrases.6. The method of claim 5, further comprising: receiving anauthentication failure from the support center in response to the firstvoice stream; displaying a second of the plurality of phrases on themobile device; requesting the user to speak the second predeterminedphrase to the microphone of the mobile device; capturing a third voicestream using the voice recorder of the mobile device; and transmittingthe third voice stream to the support center, wherein the support centeris configured to authenticate the user by matching the third voicestream against a fourth voice stream corresponding to the secondpredetermined phrase.
 7. The method of claim 1, wherein the first loginoption is a primary login option and the second login option is asecondary login option, which have been previously configured by a userof the mobile device as login preferences.
 8. The method of claim 7,wherein login preferences are stored in a user profile of the user inthe support center during a previous login registration with the supportcenter, and wherein when the login page is displayed, the mobileapplication is configured to communicate with the support center toretrieve the login preferences and to display the login page inaccordance with the login preferences.
 9. The method of claim 7, whereinthe first login option is initially displayed without displaying thesecond login option, and wherein the second login option is displayedonly if the authentication of the first login option fails.
 10. Themethod of claim 7, wherein the first login option is initially displayedwithout displaying the second login option, and wherein the second loginoption is displayed only if the authentication of the first login optionsucceeds.
 11. A non-transitory machine-readable medium havinginstructions stored therein, which when executed by a processor, causethe processor to perform a method for providing support services tousers of products, the method comprising: displaying a login page on adisplay by a mobile application of a mobile device for logging onto asupport center over a network, the support center providing supportservices for a plurality of products on behalf of a plurality ofvendors, wherein the login page includes a first login option and asecond login option; in response to a user selection of the first loginoption, requesting the user to speak a predetermined phrase to amicrophone of the mobile device, capturing a first voice stream using avoice recorder of the mobile device, the first voice stream representingthe predetermined phrase spoken by the user, and transmitting the firstvoice stream to the support center, wherein the support center isconfigured to authenticate the user by matching the first voice streamagainst a second voice stream previously registered with the supportcenter; in response to a user selection of the second login option,prompting the user for entering a password from the login page, andtransmitting the password to the support center to allow the supportcenter authenticate the user based on the password; and upon having beensuccessfully authenticated by the support center based on at least oneof the first and second login options, establishing a communicationsession with a support agent of the support center for support servicesof a product associated with the user, wherein the support centerprovides support services for a plurality of products on behalf of aplurality of product providers.
 12. The non-transitory machine-readablemedium of claim 11, wherein the method further comprises: displaying athird login option on the login page of the mobile device; and inresponse to a user selection of the third login option, requesting theuser to face a camera of the mobile, capturing a first image of the userusing the camera of the mobile device, and transmitting the first imageto the support center, wherein the support center is configured toauthenticate the user by matching the first image against a second imagepreviously registered with the support center.
 13. The non-transitorymachine-readable medium of claim 11, wherein the method furthercomprises: displaying a fourth login option on the login page of themobile device; and in response to a user selection of the fourth loginoption, requesting the user to face a camera of the mobile, capturing afirst video stream of the user using the camera of the mobile device,and transmitting the first video stream to the support center, whereinthe support center is configured to authenticate the user by matchingthe first video stream against a second video stream previouslyregistered with the support center.
 14. The non-transitorymachine-readable medium of claim 11, wherein requesting the user tospeak a predetermined phrase to a microphone of the mobile devicecomprises displaying the predetermined phrase on the mobile device, suchthat the user can read the predetermined phrase displayed on the mobiledevice while speaking the predetermined phrase to the microphone. 15.The non-transitory machine-readable medium of claim 14, wherein thepredetermined phrase is a first of a plurality of predetermined phrasesthat have been registered with the support center previously by theuser, and wherein each of the plurality of predetermined phrases isassociated with a voice stream reference provided by the user during aregistration of the predetermined phrases.
 16. The non-transitorymachine-readable medium of claim 15, wherein the method furthercomprises: receiving an authentication failure from the support centerin response to the first voice stream; displaying a second of theplurality of phrases on the mobile device; requesting the user to speakthe second predetermined phrase to the microphone of the mobile device;capturing a third voice stream using the voice recorder of the mobiledevice; and transmitting the third voice stream to the support center,wherein the support center is configured to authenticate the user bymatching the third voice stream against a fourth voice streamcorresponding to the second predetermined phrase.
 17. A mobile device,comprising: a processor; and a memory coupled to the processor forstoring instructions, which when executed from the memory, cause theprocessor to perform a method, the method including displaying a loginpage on a display by a mobile application of the mobile device forlogging onto a support center over a network, the support centerproviding support services for a plurality of products on behalf of aplurality of vendors, wherein the login page includes a first loginoption and a second login option; in response to a user selection of thefirst login option, requesting the user to speak a predetermined phraseto a microphone of the mobile device, capturing a first voice streamusing a voice recorder of the mobile device, the first voice streamrepresenting the predetermined phrase spoken by the user, andtransmitting the first voice stream to the support center, wherein thesupport center is configured to authenticate the user by matching thefirst voice stream against a second voice stream previously registeredwith the support center; in response to a user selection of the secondlogin option, prompting the user for entering a password from the loginpage, and transmitting the password to the support center to allow thesupport center authenticate the user based on the password; and uponhaving been successfully authenticated by the support center based on atleast one of the first and second login options, establishing acommunication session with a support agent of the support center forsupport services of a product associated with the user, wherein thesupport center provides support services for a plurality of products onbehalf of a plurality of product providers.
 18. The device of claim 17,wherein the method further comprises: displaying a third login option onthe login page of the mobile device; and in response to a user selectionof the third login option, requesting the user to face a camera of themobile, capturing a first image of the user using the camera of themobile device, and transmitting the first image to the support center,wherein the support center is configured to authenticate the user bymatching the first image against a second image previously registeredwith the support center.
 19. The device of claim 17, wherein the methodfurther comprises: displaying a fourth login option on the login page ofthe mobile device; and in response to a user selection of the fourthlogin option, requesting the user to face a camera of the mobile,capturing a first video stream of the user using the camera of themobile device, and transmitting the first video stream to the supportcenter, wherein the support center is configured to authenticate theuser by matching the first video stream against a second video streampreviously registered with the support center.
 20. The device of claim17, wherein requesting the user to speak a predetermined phrase to amicrophone of the mobile device comprises displaying the predeterminedphrase on the mobile device, such that the user can read thepredetermined phrase displayed on the mobile device while speaking thepredetermined phrase to the microphone.
 21. The device of claim 20,wherein the predetermined phrase is a first of a plurality ofpredetermined phrases that have been registered with the support centerpreviously by the user, and wherein each of the plurality ofpredetermined phrases is associated with a voice stream referenceprovided by the user during a registration of the predetermined phrases.22. The device of claim 21, wherein the method further comprises:receiving an authentication failure from the support center in responseto the first voice stream; displaying a second of the plurality ofphrases on the mobile device; requesting the user to speak the secondpredetermined phrase to the microphone of the mobile device; capturing athird voice stream using the voice recorder of the mobile device; andtransmitting the third voice stream to the support center, wherein thesupport center is configured to authenticate the user by matching thethird voice stream against a fourth voice stream corresponding to thesecond predetermined phrase.